These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE General Discussion

 
  • Topic is locked indefinitely.
123Next pageLast page
 

Convo request spamming - why isn't this an exploit?

First post
Author
James Amril-Kesh
Viziam
Amarr Empire
#1 - 2012-10-03 20:46:02 UTC  |  Edited by: James Amril-Kesh
It's a dirty tactic, but we all know it happens. Often in large fleets I've heard an FC tell the fleet to convo spam a certain character (usually the FC of the opposing fleet) causing their client to lag out severely or even crash. This works even if that character has their client set to auto-reject conversation requests, as the requests still get sent to their client.

The conversation requests of course cause the incoming traffic to saturate the target machine so much it can't respond to legitimate traffic. This is literally what is known as a denial-of-service attack.

Previous petition responses, however, indicate that this is not considered an exploit. How does that make any sense? I understand that our coalition and at times our alliance is guilty of doing the same, but that doesn't make it right. When I've been in fleets where the FC has said to convo spam a certain person I've never done it. The EULA specifically states:

http://community.eveonline.com/pnp/eula.asp
Quote:
You may not take any action that imposes an unreasonable or disproportionately large load on the System.

"The System" here refers to the client system, which includes the server and all player clients connected to the server.
Furthermore:
Quote:
User Content that you cause to be communicated to the System may not... (iv) contain any viruses, Trojan horses, disabling code, worms, time bombs, "clear GIFs," cancelbots or other computer programming or routines that are intended to, or which in fact, damage, detrimentally interfere with, monitor, intercept or expropriate any data, information, packets or personal information.

Conversation spamming clearly violates both of these terms of the EULA.
The relevant sections are 6.A.1 and 10.C.iv


So the question is, shouldn't this be declared an exploit?

Enjoying the rain today? ;)

Jim Era
#2 - 2012-10-03 20:53:28 UTC
I don't understand why people have to be ****** just to win.
Its about the experience, not the victory.

Wat™

Mallak Azaria
Caldari Provisions
Caldari State
#3 - 2012-10-03 20:55:11 UTC
Jim Era wrote:
I don't understand why people have to be ****** just to win.
Its about the experience, not the victory.


The victory is the experience.

This post was lovingly crafted by a member of the Goonwaffe Posting Cabal, proud member of the popular gay hookup site somethingawful.com, Spelling Bee, Grammar Gestapo & #1 Official Gevlon Goblin Fanclub member.

James Amril-Kesh
Viziam
Amarr Empire
#4 - 2012-10-03 20:55:41 UTC
Jim Era wrote:
I don't understand why people have to be ****** just to win.
Its about the experience, not the victory.

I agree. I'm not saying that my coalition/alliance is innocent of this either. I've been told in a few fleets to convo spam the FC of an opposing fleet. I don't do it though, because to me it's practically the definition of an exploit.

Enjoying the rain today? ;)

Darth Gustav
Froosh INC.
Goonswarm Federation
#5 - 2012-10-03 21:03:07 UTC  |  Edited by: Darth Gustav
James Amril-Kesh wrote:
It's a dirty tactic, but we all know it happens. Often in large fleets I've heard an FC tell the fleet to convo spam a certain character (usually the FC of the opposing fleet) causing their client to lag out severely or even crash. This works even if that character has their client set to auto-reject conversation requests, as the requests still get sent to their client.

The conversation requests of course cause the incoming traffic to saturate the target machine so much it can't respond to legitimate traffic. This is literally what is known as a denial-of-service attack.

Previous petition responses, however, indicate that this is not considered an exploit. How does that make any sense? I understand that our coalition and at times our alliance is guilty of doing the same, but that doesn't make it right. When I've been in fleets where the FC has said to convo spam a certain person I've never done it. The EULA specifically states:

http://community.eveonline.com/pnp/eula.asp
Quote:
You may not take any action that imposes an unreasonable or disproportionately large load on the System.

"The System" here refers to the client system, which includes the server and all player clients connected to the server.
Furthermore:
Quote:
User Content that you cause to be communicated to the System may not... (iv) contain any viruses, Trojan horses, disabling code, worms, time bombs, "clear GIFs," cancelbots or other computer programming or routines that are intended to, or which in fact, damage, detrimentally interfere with, monitor, intercept or expropriate any data, information, packets or personal information.

Conversation spamming clearly violates both of these terms of the EULA.
The relevant sections are 6.A.1 and 10.C.iv


So the question is, shouldn't this be declared an exploit?

Let me address this:

The EULA clearly says "You may not take any action that imposes an unreasonable or disproportionately large load on the System."

Sending somebody a convo is an action "you" perform. The system is designed to support a conversation request from "you." One request does not break the game. Likewise, each of your fleetmates also may convo anyone they choose, so long as they don't do so in a way that causes their single request to be re-propagated automatically or in some other way cause lag to the system, they have performed a legitimate function of the game. To whit, even the FC calling for everyone to do this is not an exploit, per se, because they haven't directly taken action that presents a disproportionate load. In fact, when the FC attempts to convo the target, their request is just as valid as any other request which has been sent.

So in short, the answer is "you" aren't doing anything "wrong." Only taken as a whole does the attack cause a strain on the system, which isn't any different than jumping your giant fleet into jita and enacting lag and ti-di. It's just a natural part of a lot of people playing a video game in a persistent environment.

My 2 isk.

He who trolls trolls best when he who is trolled trolls the troller. -Darth Gustav's Axiom

James Amril-Kesh
Viziam
Amarr Empire
#6 - 2012-10-03 21:06:01 UTC
In that same vein a "ping" generated by any single computer in a botnet is not illegitimate network usage, but thousands of pings from thousands of computers can be harmful and the wrongful act is by the person who controls the botnet. Similarly, the FC who orders their fleet to all convo a specific person at once is analogous to the botnet operator, and he is the person who has committed a wrong because not only is he using the accounts of a large amount of people with the result of causing service disruption, the service disruption is his actual intent.

Enjoying the rain today? ;)

Darth Gustav
Froosh INC.
Goonswarm Federation
#7 - 2012-10-03 21:13:38 UTC
James Amril-Kesh wrote:
In that same vein a "ping" generated by any single computer in a botnet is not illegitimate network usage, but thousands of pings from thousands of computers can be harmful and the wrongful act is by the person who controls the botnet. Similarly, the FC who orders their fleet to all convo a specific person at once is analogous to the botnet operator, and he is the person who has committed a wrong because not only is he using the accounts of a large amount of people with the result of causing service disruption, the service disruption is his actual intent.

His pilots. They are not bots.

They are players.

They are in control.

The owners of botnet computers...they aren't.

He who trolls trolls best when he who is trolled trolls the troller. -Darth Gustav's Axiom

James Amril-Kesh
Viziam
Amarr Empire
#8 - 2012-10-03 21:15:09 UTC
Darth Gustav wrote:
James Amril-Kesh wrote:
In that same vein a "ping" generated by any single computer in a botnet is not illegitimate network usage, but thousands of pings from thousands of computers can be harmful and the wrongful act is by the person who controls the botnet. Similarly, the FC who orders their fleet to all convo a specific person at once is analogous to the botnet operator, and he is the person who has committed a wrong because not only is he using the accounts of a large amount of people with the result of causing service disruption, the service disruption is his actual intent.

His pilots. They are not bots.

They are players.

They are in control.

The owners of botnet computers...they aren't.

Does that really make a difference? If anything them being in control makes them culpable as well, since they're complicit in the act.

Enjoying the rain today? ;)

Alavaria Fera
Imperial Shipment
#9 - 2012-10-03 21:15:21 UTC
Darth Gustav wrote:
James Amril-Kesh wrote:
In that same vein a "ping" generated by any single computer in a botnet is not illegitimate network usage, but thousands of pings from thousands of computers can be harmful and the wrongful act is by the person who controls the botnet. Similarly, the FC who orders their fleet to all convo a specific person at once is analogous to the botnet operator, and he is the person who has committed a wrong because not only is he using the accounts of a large amount of people with the result of causing service disruption, the service disruption is his actual intent.

His pilots. They are not bots.

They are players.

They are in control.

The owners of botnet computers...they aren't.

I just wanted to congratulate them on losing a fleet ...

Triggered by: Wars of Sovless Agression, Bending the Knee, Twisting the Knife, Eating Sov Wheaties, Bombless Bombers, Fizzlesov, Interceptor Fleets, Running Away, GhostTime Vuln, Renters, Bombs, Bubbles ?

Darth Gustav
Froosh INC.
Goonswarm Federation
#10 - 2012-10-03 21:16:46 UTC
James Amril-Kesh wrote:
Darth Gustav wrote:
James Amril-Kesh wrote:
In that same vein a "ping" generated by any single computer in a botnet is not illegitimate network usage, but thousands of pings from thousands of computers can be harmful and the wrongful act is by the person who controls the botnet. Similarly, the FC who orders their fleet to all convo a specific person at once is analogous to the botnet operator, and he is the person who has committed a wrong because not only is he using the accounts of a large amount of people with the result of causing service disruption, the service disruption is his actual intent.

His pilots. They are not bots.

They are players.

They are in control.

The owners of botnet computers...they aren't.

Does that really make a difference? If anything them being in control makes them culpable as well, since they're complicit in the act.

It makes all the difference.

Do you really believe that if your FC asks you to convo a specific pilot that you are suddenly and inexplicably not allowed to perform this normal game function? Just because somebody asked you to?

That isn't a very sound position, and it's no wonder CCP doesn't classify it an exploit:

Because it's not.

He who trolls trolls best when he who is trolled trolls the troller. -Darth Gustav's Axiom

Jim Era
#11 - 2012-10-03 21:18:32 UTC
Ok, not an exploit.
Just a maneuver used by bad players who are unable to compete appropriately.

Therefore, whoever uses this technique is automatically the loser because how can you be taken seriously?

lol

Wat™

James Amril-Kesh
Viziam
Amarr Empire
#12 - 2012-10-03 21:19:20 UTC  |  Edited by: James Amril-Kesh
Darth Gustav wrote:
James Amril-Kesh wrote:
Darth Gustav wrote:
James Amril-Kesh wrote:
In that same vein a "ping" generated by any single computer in a botnet is not illegitimate network usage, but thousands of pings from thousands of computers can be harmful and the wrongful act is by the person who controls the botnet. Similarly, the FC who orders their fleet to all convo a specific person at once is analogous to the botnet operator, and he is the person who has committed a wrong because not only is he using the accounts of a large amount of people with the result of causing service disruption, the service disruption is his actual intent.

His pilots. They are not bots.

They are players.

They are in control.

The owners of botnet computers...they aren't.

Does that really make a difference? If anything them being in control makes them culpable as well, since they're complicit in the act.

It makes all the difference.

Do you really believe that if your FC asks you to convo a specific pilot that you are suddenly and inexplicably not allowed to perform this normal game function? Just because somebody asked you to?

That isn't a very sound position, and it's no wonder CCP doesn't classify it an exploit:

Because it's not.

I believe that if my action knowingly causes a service disruption for another player, then yes, I'm not allowed to do it, even if it is regularly a normal game function. It's a perfectly sound position.

Warping away from someone who is attacking you is also a normal game function, but whenever that someone was CONCORD this wasn't allowed. Eventually CCP just changed it so that this was impossible, but previously CCP specifically stated that warping away from CONCORD was an exploit. Regardless of the fact that the game allowed you to do it just fine.

Enjoying the rain today? ;)

Darth Gustav
Froosh INC.
Goonswarm Federation
#13 - 2012-10-03 21:21:05 UTC
James Amril-Kesh wrote:
Darth Gustav wrote:
James Amril-Kesh wrote:
Darth Gustav wrote:
James Amril-Kesh wrote:
In that same vein a "ping" generated by any single computer in a botnet is not illegitimate network usage, but thousands of pings from thousands of computers can be harmful and the wrongful act is by the person who controls the botnet. Similarly, the FC who orders their fleet to all convo a specific person at once is analogous to the botnet operator, and he is the person who has committed a wrong because not only is he using the accounts of a large amount of people with the result of causing service disruption, the service disruption is his actual intent.

His pilots. They are not bots.

They are players.

They are in control.

The owners of botnet computers...they aren't.

Does that really make a difference? If anything them being in control makes them culpable as well, since they're complicit in the act.

It makes all the difference.

Do you really believe that if your FC asks you to convo a specific pilot that you are suddenly and inexplicably not allowed to perform this normal game function? Just because somebody asked you to?

That isn't a very sound position, and it's no wonder CCP doesn't classify it an exploit:

Because it's not.

I believe that if my action knowingly causes a service disruption for another player, then yes, I'm not allowed to do it, even if it is regularly a normal game function. It's a perfectly sound position.

So you believe you are aware of the number of requests actually being sent, their timing and time-frame, and the victim's client machine's tolerance for load?

Because I have no idea at any given time whether or not somebody is being convo'd. Any attempt, ever, could potentially break their game.

He who trolls trolls best when he who is trolled trolls the troller. -Darth Gustav's Axiom

James Amril-Kesh
Viziam
Amarr Empire
#14 - 2012-10-03 21:23:29 UTC
Darth Gustav wrote:
So you believe you are aware of the number of requests actually being sent, their timing and time-frame, and the victim's client machine's tolerance for load?

Yes, if the FC tells you to do it and there's no rule against it, a lot of people in the fleet are going to be doing it. Discussion in this thread is specific to that situation.

Darth Gustav wrote:
Because I have no idea at any given time whether or not somebody is being convo'd. Any attempt, ever, could potentially break their game.

Of course, but that's not within the scope of this thread.

Enjoying the rain today? ;)

Kalen Vox
Veyr
The Veyr Collective
#15 - 2012-10-03 21:25:19 UTC
I cannot imagine why people are popping up even to defend this, which, in my opinion is clearly an exploit.


Jetting a single can is not an exploit. A whole fleet jetting hundreds of cans to cause grid loading lag is. This we know.

Starting a single convo is not an exploit. A whole fleet starting hundreds of convos to cause lag is.


Simple.

Darth Gustav
Froosh INC.
Goonswarm Federation
#16 - 2012-10-03 21:28:56 UTC
James Amril-Kesh wrote:
Darth Gustav wrote:
So you believe you are aware of the number of requests actually being sent, their timing and time-frame, and the victim's client machine's tolerance for load?

Yes, if the FC tells you to do it and there's no rule against it, a lot of people in the fleet are going to be doing it. Discussion in this thread is specific to that situation.

Darth Gustav wrote:
Because I have no idea at any given time whether or not somebody is being convo'd. Any attempt, ever, could potentially break their game.

Of course, but that's not within the scope of this thread.

For CCP's purposes, it certainly is. That's my point.

How is CCP going to act on this if there is no evidence of the FC's order?

Without evidence of the order (which happens on TS) what are they left with?

A bunch of attempts to convo somebody in local with you.

That's the point. Without evidence against the FC, this thread's whole premise is borked.

And CCP seem sensible enough to know they will rarely if ever get actual usable evidence for this.

So it remains not an exploit.

He who trolls trolls best when he who is trolled trolls the troller. -Darth Gustav's Axiom

Zeomebuch Nova
Undrinkable Grog Inc.
#17 - 2012-10-03 21:31:43 UTC
set maxConvoReq 10
James Amril-Kesh
Viziam
Amarr Empire
#18 - 2012-10-03 21:34:28 UTC  |  Edited by: James Amril-Kesh
Darth Gustav wrote:
James Amril-Kesh wrote:
Darth Gustav wrote:
So you believe you are aware of the number of requests actually being sent, their timing and time-frame, and the victim's client machine's tolerance for load?

Yes, if the FC tells you to do it and there's no rule against it, a lot of people in the fleet are going to be doing it. Discussion in this thread is specific to that situation.

Darth Gustav wrote:
Because I have no idea at any given time whether or not somebody is being convo'd. Any attempt, ever, could potentially break their game.

Of course, but that's not within the scope of this thread.

For CCP's purposes, it certainly is. That's my point.

How is CCP going to act on this if there is no evidence of the FC's order?

Without evidence of the order (which happens on TS) what are they left with?

A bunch of attempts to convo somebody in local with you.

That's the point. Without evidence against the FC, this thread's whole premise is borked.

And CCP seem sensible enough to know they will rarely if ever get actual usable evidence for this.

So it remains not an exploit.

You'd have to be seriously naive to think that a whole bunch of people who all happen to be in the same fleet convoing a single person all at the same time are doing so for legitimate purposes and not actually trying to cause that person to lag out. In any case the intent doesn't matter, just as putting a huge number of cans or drones on gate isn't necessarily intended to cause lag. Suppose the can/drone droppers really just want to make it so cloaking ships can't activate their cloaking device. They still have to drop a huge number of cans/drones to do so, which causes lag, which is considered an exploit.

Enjoying the rain today? ;)

Cipher Jones
The Thomas Edwards Taco Tuesday All Stars
#19 - 2012-10-03 21:37:53 UTC
Darth Gustav wrote:
James Amril-Kesh wrote:
Darth Gustav wrote:
James Amril-Kesh wrote:
In that same vein a "ping" generated by any single computer in a botnet is not illegitimate network usage, but thousands of pings from thousands of computers can be harmful and the wrongful act is by the person who controls the botnet. Similarly, the FC who orders their fleet to all convo a specific person at once is analogous to the botnet operator, and he is the person who has committed a wrong because not only is he using the accounts of a large amount of people with the result of causing service disruption, the service disruption is his actual intent.

His pilots. They are not bots.

They are players.

They are in control.

The owners of botnet computers...they aren't.

Does that really make a difference? If anything them being in control makes them culpable as well, since they're complicit in the act.

It makes all the difference.

Do you really believe that if your FC asks you to convo a specific pilot that you are suddenly and inexplicably not allowed to perform this normal game function? Just because somebody asked you to?

That isn't a very sound position, and it's no wonder CCP doesn't classify it an exploit:

Because it's not.


Get thousands of your friends to willingly DDOS a real website and see if your IP classifies it as a DDOS. You can ask them as they cut the hardwire and hand you your termination notice.

internet spaceships

are serious business sir.

and don't forget it

Surfin's PlunderBunny
Sebiestor Tribe
Minmatar Republic
#20 - 2012-10-03 21:39:41 UTC
When riding into battle on my space steed I set it to automatically reject all convos. If you don't remember to do that you're asking to be spammed.

Victory at any cost! Big smile

"Little ginger moron" ~David Hasselhoff 

Want to see what Surf is training or how little isk Surf has?  http://eveboard.com/pilot/Surfin%27s_PlunderBunny

123Next pageLast page